Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/2215858/?format=api
{ "id": 2215858, "url": "http://patchwork.ozlabs.org/api/patches/2215858/?format=api", "web_url": "http://patchwork.ozlabs.org/project/buildroot/patch/20260325133343.1008245-2-martin@strongswan.org/", "project": { "id": 27, "url": "http://patchwork.ozlabs.org/api/projects/27/?format=api", "name": "Buildroot development", "link_name": "buildroot", "list_id": "buildroot.buildroot.org", "list_email": "buildroot@buildroot.org", "web_url": "", "scm_url": "", "webscm_url": "", "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20260325133343.1008245-2-martin@strongswan.org>", "list_archive_url": null, "date": "2026-03-25T13:33:39", "name": "[v3,1/5] support/testing/utils: add basic tests for utils/generate-cyclonedx", "commit_ref": null, "pull_url": null, "state": "new", "archived": false, "hash": "60a262d3ca68875d3558783fd7570bdb21b68903", "submitter": { "id": 736, "url": "http://patchwork.ozlabs.org/api/people/736/?format=api", "name": "Martin Willi", "email": "martin@strongswan.org" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/buildroot/patch/20260325133343.1008245-2-martin@strongswan.org/mbox/", "series": [ { "id": 497444, "url": "http://patchwork.ozlabs.org/api/series/497444/?format=api", "web_url": "http://patchwork.ozlabs.org/project/buildroot/list/?series=497444", "date": "2026-03-25T13:33:39", "name": "Extend CycloneDX metadata", "version": 3, "mbox": "http://patchwork.ozlabs.org/series/497444/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2215858/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2215858/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<buildroot-bounces@buildroot.org>", "X-Original-To": [ "incoming-buildroot@patchwork.ozlabs.org", "buildroot@buildroot.org" ], "Delivered-To": [ "patchwork-incoming-buildroot@legolas.ozlabs.org", "buildroot@buildroot.org" ], "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=buildroot.org header.i=@buildroot.org\n header.a=rsa-sha256 header.s=default header.b=ga6F5oQq;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=buildroot.org\n (client-ip=2605:bc80:3010::136; helo=smtp3.osuosl.org;\n envelope-from=buildroot-bounces@buildroot.org; receiver=patchwork.ozlabs.org)" ], "Received": [ "from smtp3.osuosl.org (smtp3.osuosl.org [IPv6:2605:bc80:3010::136])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fgntW6pJ3z1xy3\n\tfor <incoming-buildroot@patchwork.ozlabs.org>;\n Thu, 26 Mar 2026 00:33:55 +1100 (AEDT)", "from localhost (localhost [127.0.0.1])\n\tby smtp3.osuosl.org (Postfix) with ESMTP id 5694D60F34;\n\tWed, 25 Mar 2026 13:33:54 +0000 (UTC)", "from smtp3.osuosl.org ([127.0.0.1])\n by localhost (smtp3.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP\n id Mj6vsXOBmKzs; Wed, 25 Mar 2026 13:33:53 +0000 (UTC)", "from lists1.osuosl.org (lists1.osuosl.org [140.211.166.142])\n\tby smtp3.osuosl.org (Postfix) with ESMTP id 5D71C6130C;\n\tWed, 25 Mar 2026 13:33:53 +0000 (UTC)", "from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133])\n by lists1.osuosl.org (Postfix) with ESMTP id 6A9F7353\n for <buildroot@buildroot.org>; Wed, 25 Mar 2026 13:33:51 +0000 (UTC)", "from localhost (localhost [127.0.0.1])\n by smtp2.osuosl.org (Postfix) with ESMTP id 5BEFD4021A\n for <buildroot@buildroot.org>; Wed, 25 Mar 2026 13:33:51 +0000 (UTC)", "from smtp2.osuosl.org ([127.0.0.1])\n by localhost (smtp2.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP\n id yfEQwucsiDKa for <buildroot@buildroot.org>;\n Wed, 25 Mar 2026 13:33:50 +0000 (UTC)", "from mail.codelabs.ch (mail.codelabs.ch [109.202.192.35])\n by smtp2.osuosl.org (Postfix) with ESMTPS id E7BA5401F1\n for <buildroot@buildroot.org>; Wed, 25 Mar 2026 13:33:49 +0000 (UTC)", "from localhost (localhost [127.0.0.1])\n by mail.codelabs.ch (Postfix) with ESMTP id 8AE4A5A0002;\n Wed, 25 Mar 2026 14:33:47 +0100 (CET)", "from mail.codelabs.ch ([127.0.0.1])\n by localhost (fenrir.codelabs.ch [127.0.0.1]) (amavis, port 10024) with ESMTP\n id 7sLN2UKrD3nU; Wed, 25 Mar 2026 14:33:46 +0100 (CET)", "from zbook.home (unknown [185.12.128.224])\n by mail.codelabs.ch (Postfix) with ESMTPSA id 24A145A0003;\n Wed, 25 Mar 2026 14:33:46 +0100 (CET)" ], "X-Virus-Scanned": [ "amavis at osuosl.org", "amavis at osuosl.org" ], "X-Comment": "SPF check N/A for local connections - client-ip=140.211.166.142;\n helo=lists1.osuosl.org; envelope-from=buildroot-bounces@buildroot.org;\n receiver=<UNKNOWN> ", "DKIM-Filter": [ "OpenDKIM Filter v2.11.0 smtp3.osuosl.org 5D71C6130C", "OpenDKIM Filter v2.11.0 smtp2.osuosl.org E7BA5401F1" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=buildroot.org;\n\ts=default; t=1774445633;\n\tbh=//Y3CvFtOOBAH2F4VvCi38JS21RFbLLUNvpEFfC9Lz4=;\n\th=From:To:Cc:Date:In-Reply-To:References:Subject:List-Id:\n\t List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe:\n\t From;\n\tb=ga6F5oQqOzM9Z8MjLg2bZ4o/VdqnmEY5pKeL6rJ9fBTnJLUF2yDoxpVtaelXTN0sB\n\t 8F2+kEUBrWBZirAw8ZwPZOW81PlnRnanjEDhVOp+yTv+v3ABhZTLtiUMt2aw8KEVfT\n\t IJ/zVlYW4Gn3uFQUGGX4DOeMGUeGfi2xVeQk1Zf+s67W0JWmhtl0gMD1O57FBy4OIM\n\t PD+JLxVbOFPgi209SoZ+j6flCKkN0gYOiendMmRl5ugb+AFvxLL5fE1JzwQog3YPuC\n\t vqO8HszUv64akgnQDlGTQJLDpGkw9RYL9VIIeKBw6+cQTBc3gUd4K6RMoczcFrIqi1\n\t fOCTwaeQWV82g==", "Received-SPF": "Pass (mailfrom) identity=mailfrom; client-ip=109.202.192.35;\n helo=mail.codelabs.ch; envelope-from=martin@strongswan.org;\n receiver=<UNKNOWN>", "DMARC-Filter": "OpenDMARC Filter v1.4.2 smtp2.osuosl.org E7BA5401F1", "From": "Martin Willi <martin@strongswan.org>", "To": "buildroot@buildroot.org", "Cc": "Thomas Perale <thomas.perale@mind.be>", "Date": "Wed, 25 Mar 2026 14:33:39 +0100", "Message-ID": "<20260325133343.1008245-2-martin@strongswan.org>", "In-Reply-To": "<20260325133343.1008245-1-martin@strongswan.org>", "References": "<20260325133343.1008245-1-martin@strongswan.org>", "MIME-Version": "1.0", "X-Mailman-Original-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/simple;\n d=strongswan.org; s=default; t=1774445626;\n bh=KE1jh22PHINiVX6Dj61reAuPdBAZDzhLBLXcRa8G/HM=;\n h=From:To:Cc:Subject:Date:In-Reply-To:References:From;\n b=hDBmelwRsTzz/731iQ+gWdWcl+b+1q5Npetxrj2ooAWZrniMoDmcHDuPMZgcVIsxG\n ovN3w7nPMP9f60VG6EENH3WyI6LzzzQ0wQQyvS99tZLWUNbnHwzEjTKccxJq0Ppkwa\n vm4Xsb3QG3gU8SP1TR/m62G0DYDK7LOEw/zMshZHTo47aFY7hRKgTSp6P4I05tm8w8\n t/ZEJKNpMGirO2xFZD73CHkKx1/ggEfJ3kqv9deFqJWvlKzJP3wpEyXs4AFwCGN4ze\n q5BsmHwBrSwe/Hy7Mk1sVmuzP88DtpKBPKmsmm7AW1zyGNAsKo4z8qANULxXwEeAn7\n lfPIPmvKsY61w==", "X-Mailman-Original-Authentication-Results": [ "smtp2.osuosl.org;\n dmarc=pass (p=none dis=none)\n header.from=strongswan.org", "smtp2.osuosl.org;\n dkim=pass (2048-bit key,\n unprotected) header.d=strongswan.org header.i=@strongswan.org\n header.a=rsa-sha256 header.s=default header.b=hDBmelwR" ], "Subject": "[Buildroot] [PATCH v3 1/5] support/testing/utils: add basic tests\n for utils/generate-cyclonedx", "X-BeenThere": "buildroot@buildroot.org", "X-Mailman-Version": "2.1.30", "Precedence": "list", "List-Id": "Discussion and development of buildroot <buildroot.buildroot.org>", "List-Unsubscribe": "<https://lists.buildroot.org/mailman/options/buildroot>,\n <mailto:buildroot-request@buildroot.org?subject=unsubscribe>", "List-Archive": "<http://lists.buildroot.org/pipermail/buildroot/>", "List-Post": "<mailto:buildroot@buildroot.org>", "List-Help": "<mailto:buildroot-request@buildroot.org?subject=help>", "List-Subscribe": "<https://lists.buildroot.org/mailman/listinfo/buildroot>,\n <mailto:buildroot-request@buildroot.org?subject=subscribe>", "Content-Type": "text/plain; charset=\"us-ascii\"", "Content-Transfer-Encoding": "7bit", "Errors-To": "buildroot-bounces@buildroot.org", "Sender": "\"buildroot\" <buildroot-bounces@buildroot.org>" }, "content": "Introduce unit-tests for the generate-cyclonedx script, covering basic\nscript invocation, patch CVE extraction and virtual packages.\n\nSigned-off-by: Martin Willi <martin@strongswan.org>\n---\n .../tests/utils/test_generate_cyclonedx.py | 136 ++++++++++++++++++\n .../cve_upstream.patch | 11 ++\n 2 files changed, 147 insertions(+)\n create mode 100644 support/testing/tests/utils/test_generate_cyclonedx.py\n create mode 100644 support/testing/tests/utils/test_generate_cyclonedx/cve_upstream.patch", "diff": "diff --git a/support/testing/tests/utils/test_generate_cyclonedx.py b/support/testing/tests/utils/test_generate_cyclonedx.py\nnew file mode 100644\nindex 000000000000..20f67b48a7a8\n--- /dev/null\n+++ b/support/testing/tests/utils/test_generate_cyclonedx.py\n@@ -0,0 +1,136 @@\n+\"\"\"Unit tests for utils/generate-cyclonedx.\"\"\"\n+\n+import json\n+import os\n+import subprocess\n+import tempfile\n+import unittest\n+from pathlib import Path\n+\n+import infra\n+\n+PATCH = \"support/testing/tests/utils/test_generate_cyclonedx/cve_upstream.patch\"\n+SCHEMA_LICENSES = [\"MIT\", \"Apache-2.0\", \"GPL-3.0-only\"]\n+\n+\n+class TestGenerateCycloneDX(unittest.TestCase):\n+ def setUp(self):\n+ # Provide a fake SPDX schema so the script never hits the network.\n+ self.schema_dir = tempfile.TemporaryDirectory()\n+ self.addCleanup(self.schema_dir.cleanup)\n+\n+ cyclonedx_dir = Path(self.schema_dir.name) / \"cyclonedx\"\n+ cyclonedx_dir.mkdir(parents=True)\n+ schema_path = cyclonedx_dir / \"spdx-1.6.schema.json\"\n+ schema_path.write_text(json.dumps({\"enum\": SCHEMA_LICENSES}))\n+\n+ self.env = os.environ.copy()\n+ self.env[\"BR2_DL_DIR\"] = self.schema_dir.name\n+ self.script = infra.basepath(\"utils/generate-cyclonedx\")\n+ self.cwd = infra.basepath()\n+\n+ def _make_show_info(self) -> dict:\n+ return {\n+ \"package-foo\": {\n+ \"name\": \"foo\",\n+ \"version\": \"1.2\",\n+ \"type\": \"target\",\n+ \"virtual\": False,\n+ \"licenses\": \"MIT\",\n+ \"cpe-id\": \"cpe:2.3:a:example:foo:1.2:*:*:*:*:*:*:*\",\n+ \"patches\": [PATCH],\n+ \"dependencies\": [\"skeleton-baz\", \"package-virtual\", \"package-bar\"],\n+ \"ignore_cves\": [\"CVE-2025-0001\"],\n+ \"package_dir\": \"package/package-foo\",\n+ },\n+ \"skeleton-baz\": {\n+ \"name\": \"skeleton-baz\",\n+ \"version\": \"0.1\",\n+ \"type\": \"target\",\n+ \"virtual\": False,\n+ \"licenses\": \"Apache-2.0\",\n+ \"dependencies\": [],\n+ \"package_dir\": \"package/skeleton-baz\",\n+ },\n+ \"package-bar\": {\n+ \"name\": \"bar\",\n+ \"version\": \"0.2\",\n+ \"type\": \"target\",\n+ \"virtual\": False,\n+ \"licenses\": \"MIT\",\n+ \"ignore_cves\": [\"CVE-2025-0002\"],\n+ \"dependencies\": [],\n+ \"package_dir\": \"package/package-bar\",\n+ },\n+ \"host-tool\": {\n+ \"name\": \"host-tool\",\n+ \"version\": \"0.3\",\n+ \"type\": \"host\",\n+ \"virtual\": False,\n+ \"licenses\": \"GPL-3.0-only\",\n+ \"dependencies\": [],\n+ \"package_dir\": \"package/host-tool\",\n+ },\n+ \"package-virtual\": {\n+ \"name\": \"virtual-provider\",\n+ \"virtual\": True,\n+ \"type\": \"target\",\n+ \"provides\": [\"package-foo\"],\n+ \"dependencies\": [],\n+ \"package_dir\": \"package/package-virtual\",\n+ },\n+ }\n+\n+ def _run_script(self, extra_args=(), show_info=None):\n+ data = show_info if show_info is not None else self._make_show_info()\n+ completed = subprocess.run(\n+ [self.script, *extra_args],\n+ cwd=self.cwd,\n+ env=self.env,\n+ input=json.dumps(data),\n+ text=True,\n+ capture_output=True,\n+ check=True,\n+ )\n+ return json.loads(completed.stdout)\n+\n+ def _find_component(self, result: dict, name: str) -> dict:\n+ for component in result[\"components\"]:\n+ if component[\"bom-ref\"] == name:\n+ return component\n+ self.fail(f\"component {name} missing\")\n+\n+ def test_default(self):\n+ result = self._run_script()\n+\n+ self.assertEqual(len(result[\"components\"]), 4)\n+ self.assertIn(\"vulnerabilities\", result)\n+ vulnerabilities = {v[\"id\"]: v for v in result[\"vulnerabilities\"]}\n+ self.assertEqual(len(vulnerabilities), 2)\n+ self.assertEqual(vulnerabilities[\"CVE-2025-0001\"][\"analysis\"][\"state\"], \"resolved_with_pedigree\")\n+ self.assertEqual(vulnerabilities[\"CVE-2025-0002\"][\"analysis\"][\"state\"], \"in_triage\")\n+\n+ foo = self._find_component(result, \"package-foo\")\n+ patch = foo[\"pedigree\"][\"patches\"][0]\n+ self.assertIn(\"text\", patch[\"diff\"])\n+ self.assertIn(\"content\", patch[\"diff\"][\"text\"])\n+\n+ host = self._find_component(result, \"host-tool\")\n+ self.assertEqual(host[\"properties\"][0][\"value\"], \"host\")\n+\n+ names = {c[\"bom-ref\"] for c in result[\"components\"]}\n+ self.assertIn(\"skeleton-baz\", names)\n+ self.assertIn(\"package-bar\", names)\n+ self.assertNotIn(\"package-virtual\", names)\n+\n+ foo_deps = next(d for d in result[\"dependencies\"] if d[\"ref\"] == \"package-foo\")\n+ self.assertEqual(foo_deps[\"dependsOn\"], [\"package-bar\", \"skeleton-baz\"])\n+\n+ def test_virtual(self):\n+ result = self._run_script([\"--virtual\"])\n+\n+ names = {c[\"bom-ref\"] for c in result[\"components\"]}\n+ self.assertEqual(names, {\"package-foo\", \"skeleton-baz\", \"host-tool\", \"package-virtual\", \"package-bar\"})\n+\n+ foo_deps = next(d for d in result[\"dependencies\"] if d[\"ref\"] == \"package-foo\")\n+ self.assertEqual(foo_deps[\"dependsOn\"], [\"package-bar\", \"package-virtual\", \"skeleton-baz\"])\ndiff --git a/support/testing/tests/utils/test_generate_cyclonedx/cve_upstream.patch b/support/testing/tests/utils/test_generate_cyclonedx/cve_upstream.patch\nnew file mode 100644\nindex 000000000000..f18e51ebb9ec\n--- /dev/null\n+++ b/support/testing/tests/utils/test_generate_cyclonedx/cve_upstream.patch\n@@ -0,0 +1,11 @@\n+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001\n+CVE: CVE-2025-0001\n+Upstream: https://patches.example/foo.patch\n+\n+diff --git a/foo.txt b/foo.txt\n+index 0000001..0000002 100644\n+--- a/foo.txt\n++++ b/foo.txt\n+@@\n+-foo\n++bar\n", "prefixes": [ "v3", "1/5" ] }